The present invention relates to an identification card and an authentication system for authenticating a card holder and the identification card itself.
Recently, desired items can be purchased without cash but with cards issued from card issuers such as credit card companies. At time of purchasing, a store clerk checks whether or not a card user or customer is the authorized card holder, i.e., whether or not the card is being misused by the current card user. When the card user is authenticated as the legal card holder, the selected item is sold with the identification card. In this case, the card user is authenticated with a key code in the following manner.
(a) A key code is recorded in a magnetic strip of the identification card. An input key code entered by a customer at a keyboard of an authentication system installed in a store is compared with the recorded key code by a magnetic reader so as to detect a coincidence therebetween.
(b) A key code entered by a customer is compared with that registered by a credit card company through a POS (point of sales) terminal or a telephone set which is on-line connected to a host system in the credit card company so as to detect a coincidence therebetween.
According to method (a), however, an illegal user can easily read out the key code from the magnetic strip by using a special magnetic reader or the like. Authentication reliability with respect to the card holder is very low. An IC card storing a key code has recently been developed and the key code cannot be externally read out from the IC card. Although it is difficult to read out the key code from this type of IC card, the card itself can be counterfeited and the legal card holder cannot be positively identified. It is difficult to confirm that the IC card was issued in accordance with proper procedures.
On the other hand, method (b) has high reliability for authenticating the card itself. However, since a communication line must be used, the key code may be intercepted, thus failing to guarantee security (safety) of the key code.